The EU commission has issued a 10-point-plan in its relationsship with China. The paper says: "Against the backdrop of China's growing economic power and political influence, the European Commission and the High Representative review European Union-China relations and the related opportunities and challenges. They set out 10 concrete actions for EU Heads of State or Government to discuss at the European Council of 21 March."
According to the paper, the commission wants a coordinated approach in all business relations with China: "Neither the EU nor any of its Member States can effectively achieve their aims with China without full unity. In cooperating with China, all Member States, individually and within sub-regional cooperation frameworks, such as the 16+1 format5, have a responsibility to ensure consistency with EU law, rules and policies."
Hence the Eu is aiming for a common approach regarding Chinese participation in the European 5G networks. Without mentioning Huawei explicitly, the paper says: "To safeguard against potential serious security implications for critical digital infrastructure, a common EU approach to the security of 5G networks is needed. To kickstart this, the European Commission will issue a Recommendation following the European Council."
Prior to the statement, the United States has warned intelligence sharing with Germany could be restricted should Berlin move ahead with plans to allow Huawei help set up its 5G mobile network, according to the Wall Street Journal. The warning comes amid US claims that Huawei, a Chinese firm, may offer a backdoor for Chinese state espionage.
The EU commssion outlines how the approach should be executed:
5G networks will provide the future backbone of our societies and economies, connecting billions of objects and systems, including sensitive information and communication technology systems in critical sectors. Any vulnerability in 5G networks could be exploited in order to compromise such systems and digital infrastructure – potentially causing very serious damage. A range of EU instruments, including the Network and Information Security Directive22, the recently approved Cybersecurity Act, and the European Electronic Communications Code24 will allow reinforcing cooperation in addressing cyber-attacks and enable the EU to act collectively in protecting its economy and society.
The Commission will adopt a recommendation following the European Council for a common EU approach to security risks to 5G networks, building on a coordinated EU risk assessment and risk-management measures, an effective cooperation and exchange of information framework, and joint EU situational awareness covering critical communication networks.
Moreover, on 8 March 2019, the Commission and the High Representative proposed the establishment of a horizontal sanctions regime to counter cyber-attacks. The proposed regime has worldwide coverage and will enable a flexible EU response irrespective of the location from which cyber-attacks are launched and regardless of whether they are carried out by state or non-state actors. This sanctions regime, when adopted, would enable the Union to respond to cyber-attacks with a ‘significant effect’, which threaten the integrity and security of the EU, its Member States and their citizens.
The EU will support multilateral efforts, notably in the G20 context, to promote free and secure data flows based on strong privacy protections for personal data.